<?php define("DML", "1");

session_start();

header("Content-type: text/html; charset=utf-8");

define ("PATH", dirname(__FILE__));
define("DS", DIRECTORY_SEPARATOR);

if(!file_exists(PATH.DS.'config.php')){
   if(file_exists(PATH.DS.'install.php')){
      header("location: install.php");
   }else{
      echo "Не найден файл install.php. ";
      exit ();
   }
}

if(file_exists(PATH.DS.'install.php') || is_dir(PATH.DS.'install')){
   echo "Вы не удалили файл install.php и папку install.";
   exit();
}

include PATH.DS.'config.php';
$conf = new Config;

if(!isset($_REQUEST['go'])){
   include PATH.DS.'class'.DS.'TemplateClass.php';
   
   define('BASEHREF',  'http://'.$_SERVER['SERVER_NAME'].'/');
   define('CSS', BASEHREF.'modules/modAuth/');
   
   $tpl = PATH.DS.'modules'.DS.'modAuth'.DS.'index.tpl';
   $data['title'] = "Авторизация - ".$conf->title;
   $data['error'] = @$_SESSION["error"];
   
   $html = ParseTamplatePath($data, $tpl);
   echo $html;
   
   session_destroy();
}else{
   $login = $_POST['login'];
   $passw = md5($_POST['passw']);
   $action = $_POST['go'];

   if (empty($login)){
      $action = "";
      $error = $error."<LI>Вы не ввели свой логин.\n";
   }
   if (empty($passw)){
      $action = "";
      $error = $error."<LI>Вы не ввели пароль.\n";
   }
   if (!empty($action)){
      require_once PATH.DS.'class'.DS.'dmlMySQLClass.php';
      $mysql = new MySQL($conf->dbhost, $conf->dbuser, $conf->dbpassw, $conf->db);
      $mysql->CheckUser($login, $passw);
      if (mysql_num_rows($mysql->result) == 1){ 
         $row = mysql_fetch_array($mysql->result);
         if ($row['passw']!= $passw){ 
            $action = "";
            $error = $error."<LI>Неверный пароль.\n";
         }
      }else{
         $action = "";
         $error = $error."<LI>Не веный логин или пароль.\n";
      }
   }

   if (!empty($action)){
      $action = "";
      $log = $login;
      session_register("auth"); 
      $_SESSION['login'] = $login;
      $_SESSION['userid'] = $row['id'];
      $_SESSION['role'] = $row['role'];
      header("location: index.php");
   }else{
      session_register("$error");
      $_SESSION['error'] = $error;
      header("location: index.php?mod=auth");
   }
}
?>
